Improves threat detection with endpoint security and machine learning

Overview

“Putting a smile on every woman’s face” is the slogan of Sankei Living Shimbun Inc., a growing business that publishes a portfolio of newspapers and magazines geared towards women in Japan. Sankei Living publishes the lifestyle newspaper Living Shimbun, with a circulation of 7.9 million. The company also publishes City Living, an office-orientated information magazine; Enfant (infant), a magazine for mothers of infants and young children; and other publications covering the stages of women’s lives.

“We analyze opinions, desires and trends to create relevant and timely content for our readers. We also propose unique campaigns and promotions to potential advertisers. Our goal is to enrich women’s lives and create compatible business opportunities for our advertisers,” said Hiroaki Takano, Head of Information System Department, Management Bureau, Sankei Living Shimbun Inc.

Challenges

Each magazine has its own distribution organization to directly deliver publications to homes, offices, child care centers, educational centers, and more. One of the company’s strengths is that it has a strong connect rate with women, which is based on trust. In addition to securing its subscriber database, Sankei Living handles a large amount of personal data, such as individual reader demographics. “We feel that we have an obligation to protect personal information to ensure security and build trust,” said Takano.

As part of the security initiative, Sankei Living conducted a review of endpoint security. “We found it difficult to manage the application of pattern files due to the complicated structure of configurations and settings with our existing anti-virus software. We wanted a solution that could improve operational management and security,” said Akira Mizutani, Information System Department, Sankei Living Shimbun Inc.

The media company also found it difficult to manage PCs in the field for news-gathering or sales calls at client companies. If a PC was taken outside temporarily, its data could be acquired and checked when it was connected back to the in-house LAN. But that didn’t work when a PC was offline for a longer assignment.

Why Trend Micro

Sankei Living chose the Trend Micro™ OfficeScan™ XG antivirus solution because of the robust security measures it offered at the endpoints and the use of new technology to monitor unknown threats.

Sankei Living also liked the potential of the cutting-edge, high-fidelity machine-learning technology of OfficeScan™. “We saw that robust Trend solutions would also be effective against unknown threats, which are difficult to detect by pattern file based measures,” said Takano.

Solution

The company is strengthening its security measures, including developing a new security policy, establishing a CSIRT (Computer Security Incident Response Team), and introducing SIEM (Security Information and Event Management) for centralized management of event logs and incident analysis.

Trend Micro™ OfficeScan™ XG utilizes high-fidelity machine learning to provide a blend of threat protection techniques such as pattern matching, web-file reputation, and behavior monitoring. This multi-faceted threat protection eliminates security gaps across user activity and endpoints. “Off-premise compliance and protection is now enabled and operational management has become more efficient with the centralized status view of all on-premise and off-premise endpoints,” said Mizutani.

The cloud-based security platform, Trend Micro™ Smart Protection Network™, accumulates and “learns” new threat-related information daily. When unknown PC intrusions occur, the file characteristics or process are extracted, reviewed for file configuration information and behavior, and then detected as a threat.

“You can easily access the browser-based management screen, work on the settings of each PC, and check logs. We saw that with the Edge relay server installed in the DMZ, we can centrally manage the latest pattern file application status and virus detection logs of PCs that were taken outside the company premises,” said Mizutani.

Results

Sankei Living installed Trend Micro™ OfficeScan™ XG on over 950 PCs, including the computers of an affiliate company. “Comprehensive endpoint status can be centrally viewed via the dashboard, and operational management has become more efficient. The machine-learning technology is a reassuring component of the solution. After installation, we confirmed detection of grayware and this gave us a greater sense of security,” stated Mizutani.

Sankei Living reduced manual analysis, increased fast preliminary judgments, and mitigated threats before they were registered in the pattern file. They also addressed a variety of subspecies like ransomware and targeted attacks. “OfficeScan XG has improved our defense capability by integrating machine-learning technology to cope with unknown threats not prevented by pattern matching,” said Takano.

What's next?

In the next phase, Sankei Living will address the CSIRT, and further strengthen its overall security. “We are going to incorporate OfficeScan XG logs into the SIEM and analyze what kind of attacks it is receiving and work through the PDCA cycle to strengthen our defenses,” Takano stated.

“In addition to information about new threats, we look forward to receiving support from Trend Micro to introduce new functionality and innovative solutions to strengthen our defense capabilities,” continued Takano.